For IOS Firewall, which is better to inspect on the inside interface or the outside, it appears you can go wither way.
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(87) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,586) -
Cisco Bugs
(39) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(147) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(32) -
Cisco Secure Firewall Management Center (FMC)
(148) -
Cisco Secure Firewall Threat Defense (FTD)
(181) -
Cisco Security Cloud Control
(8) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(263) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(32) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,576) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(322) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(92) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,579) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(2) -
Other Network Security Topics
(10,779) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(3) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(8) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(641) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Brought up the 5505 today with a site to site VPN.The site to site tunnel is up and I have a constant ping on a machine inside the 5510 network(192.168.0.0/24) going out to the 172.16.100.0/24 on the 5505 network. I see the traffic leave the 5510 and...
Resolved! Identity NAT on 9.1
hi all,apologies for my NAT getting rusty, just a quick confirmation if my identity NAT below is correct: object network IDENTITY-NAT-OBJ host 111.203.23.1object network INSIDE-NET-OBJ host 111.203.23.1 nat (inside,outside) static IDENTITY-NAT-OBJ...
In order to add the existing license to new CCO ID please follow the steps below: Login to License Registration portal with CCO ID and passwordClick on View Existing License Link, Click on "Add License" Select "Source Fire License Key" from the pull ...
so in the "old" 8.2 ASA OS, I wanted something like this:static nat a few ports inbound for web and email traffic to an inside server (using outside IP2)allow this inside server (and all the other DMZ servers) to browse the internet with a global PAT...
Hi All,On one of our firewalls we hosting a application/service which impacts clients and we recently conducted a Pen test, the external company doing the Pen test have advised us that there is a vulnerability relating to OpenSSL. We have checked the...
So i understand the basic syntax for NATing a single internal network to an outside interface for allowing internet access. Something like below... object network NAT_INSIDE_NETS subnet 10.0.0.0 255.255.255.0object network NAT_INSIDE_NETS nat (ins...
We have 2 IP camera in the computer room and we would like to use an acl to control http access to the individual IP addresses and only leave the access through the server. The server is on port 21. The Cameras are on an unmanaged switch hooked to t...
Hello,we have 2 ASA 5520s (active/standby) which have a throughput of 450mbps and we have been hitting this recently and the CPU goes through the roof and I see overruns too.I've been using this method to gather the stats, but it is too manual and I ...
Hi, community! Bug CSCur94645 is related to incorrect packet generated by ASA, when you try to log in ASDM via RADIUS authentication.As it seen in bug description - it's fixed, but fixed releases include some strange one: 100.12(0.109)100.13(0.14)100...
We are getting ready to upgrade from a FWSM running 4.0x to an ASASM 9.1.5. I have run the migration tool and uploaded the config to startup and let it boot. I have seen several references to having the change access-lists to use the real IP not the ...
This _should_ be the most common NAT configuration the planet, so no obscure goings-on! Very simple: web server on inside interface with a private IP. Need to serve up Web requests to internet. Second WAN IP on outside interface, used for NAT-ing up ...
Dear all I have one question about Cisco Content Management Appliance, could you please help me to check the answer.My customer asked me if they could use one management box to manage both WSA and ESA devices.For example, I have 1 box ESA C380 and 1 ...
Hello, I have an ASA5550 running asa914-k8.bin. It is connected to a Time Warner cable modem. I have a block of 5 public IP's from TW. From both outside and from the ASA I can ping the first IP of the block. I get replies. When I try to ping th...
We have our Voice and Data Vlan segregated by an ASA Firewall. The CallManager sits within the Voice Vlan. The IPT Solution reference network Design Document says; "By placing a firewall between the Cisco CallManager cluster and both the voice and da...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 12-31-2025 01:53 AM | ||
| 12-15-2025 09:32 PM | ||
| 12-11-2025 07:27 AM | ||
| 11-13-2025 12:52 PM | ||
| 11-03-2025 09:48 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 1 |
